Data integrity system for transmission of incoming and outgoing data

ABSTRACT

Aspects of the disclosure relate to a data integrity system for transmission of data. A computing platform may detect transmission of data to a second enterprise computing device, and may intercept the data content in transmission. Then, the computing platform may convert the data content to an electronic file in a standardized textual format. Then, the computing platform may add an alert message to a message queue indicating that the electronic file is available for processing. Subsequently, the computing platform may cause one or more content processors to process the electronic file to identify a portion of the data content for review prior to transmission, and output a notification message to the message queue providing information related to the identified portion. Then, the computing platform may modify the data content, generate a link to the modified data content, and provide the generated link to the second enterprise computing device.

BACKGROUND

Aspects of the disclosure relate to deploying digital data processingsystems to real-time protection of data. In particular, one or moreaspects of the disclosure relate to a data integrity system fortransmission of incoming and outgoing data.

Enterprise organizations may utilize various resources to support theircomputing infrastructure. For large enterprise organizations,maintaining, updating, and managing network activity over the variousenterprise resources may be of significant importance in protectingconfidential information and/or other sensitive data that is created,transmitted, and/or used for various purposes. It may be helpful tointercept data flow between servers, applications, devices, and soforth, to streamline data transmission, and protect data in transit. Asdata flows through the network in real-time, such detection andmanagement of data may be time-sensitive and there may be significantadvantages for the data protection to be performed in real-time as well.Ensuring that data integrity is maintained, and timely and targetedpreventive measures are undertaken, in real-time with speed andaccuracy, may be particularly advantageous to ensure a smooth running ofan enterprise infrastructure. In many instances, however, it may bedifficult to analyze and/or protect data transmission, in anorganization's complex network comprising a vast number of networkdevices and users, while also attempting to optimize network resources,bandwidth utilization, and efficient operations of the computinginfrastructure.

SUMMARY

Aspects of the disclosure provide effective, efficient, scalable, fast,reliable, and convenient technical solutions that address and overcomethe technical problems associated with maintaining data integrity fortransmission of incoming and outgoing data.

In accordance with one or more embodiments, a computing platform havingat least one processor, and memory may detect, via a communicationnetwork, transmission of data from a first enterprise computing deviceto a second enterprise computing device. Subsequently, the computingplatform may intercept, prior to receipt of the transmission by thesecond enterprise computing device, the data content. Then, thecomputing platform may convert the data content to an electronic file ina standardized textual format. Then, the computing platform may add analert message to a message queue, where the alert message may indicatethat the electronic file is available to be processed. Subsequently, thecomputing platform may cause one or more content processors to processthe electronic file to identify a portion of the data content for reviewprior to transmission to the second enterprise computing device, wherethe processing may include reading the alert message in the messagequeue, retrieving, in response to the alert message, the electronicfile, identifying the portion of the data content in the electronicfile, and outputting a notification message to the message queue, wherethe notification message may provide information related to theidentified portion of the data content. Then, the computing platform maymodify, based on the notification message, the data content.Subsequently, the computing platform may generate a link to the modifieddata content. Then, the computing platform may provide, via thecommunication network and to the second enterprise computing device, thegenerated link.

In some embodiments, the computing platform may cause the one or morecontent processors to search for unauthorized code. In some embodiments,the computing platform may cause the one or more content processors todetermine a severity level of the unauthorized code.

In some embodiments, the computing platform may cause the one or morecontent processors to search for at least one of embedded scripts andmacros. In some embodiments, the computing platform may cause the one ormore content processors to determine a number of the at least one of theembedded scripts and macros.

In some embodiments, the computing platform may cause the one or morecontent processors to search for non-public information. In someembodiments, the computing platform may cause the one or more contentprocessors to determine an amount of the non-public information.

In some embodiments, the computing platform may identify an additionaltype of content potentially for review prior to transmission to thesecond enterprise computing device. Then, the computing platform mayconfigure an additional content processor to identify additional datacontent associated with the additional type of content.

In some embodiments, the computing platform may, prior to adding thealert message to the message queue, associate a unique identifier withthe electronic file.

In some embodiments, the computing platform may associate a uniqueidentifier with the electronic file. Then, the computing platform mayupdate the unique identifier with a status of the electronic file in themessage queue.

In some embodiments, the computing platform may receive a status requestfor the transmission of the data content. Then, the computing platformmay access the message queue to read the updated unique identifier.Subsequently, the computing platform may, based on the updated uniqueidentifier, provide a response to the status request.

In some embodiments, the computing platform may display, in real timeand via a graphical user interface, a status of the transmission of thedata content.

In some embodiments, the computing platform may, prior to adding thealert message to the message queue, determine whether a portion of theelectronic file has been previously processed. Then, the computingplatform may, based upon a determination that the portion of theelectronic file has been previously processed, mark additional portionsof the electronic file to be processed. In some embodiments, thecomputing platform may cause at least one content processor, of the oneor more content processors, to not process the electronic file.

In some embodiments, the computing platform may perform one or more ofmasking a portion of the identified data content, deleting a portion ofthe identified data content, altering a portion of the identified datacontent, and generating a notification that the electronic file is notavailable.

In some embodiments, the computing platform may determine a risk scorefor the data content, where the risk score is based at least in part onone of: a severity level of an unauthorized code, a number of embeddedscripts, a number of embedded macros, and an amount of non-publicinformation.

These features, along with many others, are discussed in greater detailbelow.

BRIEF DESCRIPTION OF THE DRAWINGS

The present disclosure is illustrated by way of example and not limitedin the accompanying figures in which like reference numerals indicatesimilar elements and in which:

FIGS. 1A and 1B depict an illustrative computing environment for a dataintegrity system for transmission of incoming and outgoing data inaccordance with one or more example embodiments;

FIG. 2 depicts an illustrative network environment for a data integritysystem for transmission of incoming and outgoing data in accordance withone or more example embodiments; and

FIG. 3 depicts an illustrative method for a data integrity system fortransmission of incoming and outgoing data in accordance with one ormore example embodiments.

DETAILED DESCRIPTION

In the following description of various illustrative embodiments,reference is made to the accompanying drawings, which form a parthereof, and in which is shown, by way of illustration, variousembodiments in which aspects of the disclosure may be practiced. It isto be understood that other embodiments may be utilized, and structuraland functional modifications may be made, without departing from thescope of the present disclosure.

It is noted that various connections between elements are discussed inthe following description. It is noted that these connections aregeneral and, unless specified otherwise, may be direct or indirect,wired or wireless, and that the specification is not intended to belimiting in this respect.

Some aspects of the disclosure relate to a data integrity system fortransmission of incoming and outgoing data. For example, an enterprisenetwork management infrastructure may deploy computing resources such asnetwork devices, web resources, electronic mail applications, externalvendor applications, mobile applications, and so forth. A large amountof data (including machine-generated data) may be exchanged between suchapplications, both within an enterprise organization, and betweenexternal entities and entities within the enterprise organization. Insome instances, such data transmissions, unless adequately protected,may pose a large security threat to the enterprise services. For largeenterprise organizations with vast amounts of deployed resources, alarge number of employees, and a large client-base, data transmissionsmay take varied and complex forms, and it may be advantageous to providereal-time protection, including protecting data in transit.

Generally, it may not be possible to manually manage such a vast arrayof network applications and devices, with near-continuous flow of data.Accordingly, it may be of great significance for a large enterpriseorganization (e.g., financial institution), with large amounts ofconfidential information to protect, to detect and protect, inreal-time, data transmissions.

Accordingly, aspects of this disclosure relate to automated monitoringof data transmissions between a source computing device and adestination computing device and protect such data transmissions inreal-time. Intercepting, and/or protecting such data transmissions via amanual process and/or based on mental steps is unlikely because itrelates to vast amounts of real-time data traffic, and such data trafficis rapidly changing in real-time over thousands of enterprise resources.Also, since the data may reside and/or be exchanged over a vast array ofusers, internal and external applications, and network devices, itnecessitates a use of computing devices to intercept the plurality ofdata transmissions over networks, process such data content, and takeappropriate remediation steps.

In many enterprise related applications, networks may experiencebottlenecks and other data traffic congestion issues. Limits on storagecapacities, memory capacities, available processing capacities for CPUs,and network bandwidth related issues, may contribute to such trafficcongestion. Accordingly, techniques disclosed herein may be an effectiveway to alleviate some of the technical challenges encountered managingin data transmissions. Also, for example, financial institutions handlelarge volumes of confidential data. Such data may need to be encrypted.Generally, processing data content may be a time consuming task, withdifferent modules working independently to process various aspects ofthe data content. This may also lead to less efficient resourceallocation. Accordingly, a streamlined process, where multiple networkdevices communicate with each other, and process the data contentsimultaneously, may enhance functioning of the data integrity system.Also, for example, an adaptive ability to create and configure modulesto process and resolve new types of data integrity issues, furtherenhances functioning of the data integrity system, making it more agileand scalable. It may be noted, that as data transmissions occur over acomputing network, the problem of protecting data transmissions arisesin the realm of networks, and as described herein, a solution isnecessarily rooted in computer technology to overcome a problem arisingin the realm of computer networks.

FIGS. 1A and 1B depict an illustrative computing environment for a dataintegrity system for transmission of incoming and outgoing data inaccordance with one or more example embodiments. Referring to FIG. 1A,computing environment 100 may include one or more computer systems. Forexample, computing environment 100 may include data integrity computingplatform 110, enterprise network management infrastructure 120,enterprise data storage platform 130, first enterprise computing device140, second enterprise computing device 150, and external computingdevice 160.

As illustrated in greater detail below, data integrity computingplatform 110 may include one or more computing devices configured toperform one or more of the functions described herein. For example, dataintegrity computing platform 110 may include one or more computers(e.g., laptop computers, desktop computers, servers, server blades, orthe like) and/or other computer components (e.g., processors, memories,communication networks).

Enterprise network management infrastructure 120 may include one or morecomputing devices and/or other computer components (e.g., processors,memories, communication interfaces). In addition, enterprise networkmanagement infrastructure 120 may be configured to manage, host,execute, and/or otherwise provide one or more enterprise applicationsand/or devices (e.g., first enterprise computing device 140, secondenterprise computing device 150). For example, enterprise networkmanagement infrastructure 120 may be configured to manage, host,execute, and/or otherwise provide a computing platform for variousnetwork devices and enterprise applications. In some instances,enterprise network management infrastructure 120 may be configured toprovide various enterprise and/or back-office computing functions for anenterprise organization, such as a financial institution. For example,enterprise network management infrastructure 120 may include variousservers and/or databases that store and/or otherwise maintain accountinformation, such as financial account information including accountbalances, transaction history, account owner information, entitlementsfor personnel, access restriction information, enterprise policies,human resource policies, data protection, transmission, and retentionpolicies, and/or other information. Also, for example, enterprisenetwork management infrastructure 120 may include various servers and/ordatabases that may manage information technology resources for theenterprise organization. Additionally, or alternatively, enterprisenetwork management infrastructure 120 may receive instructions from dataintegrity computing platform 110 and execute the instructions in atimely manner.

Enterprise data storage platform 130 may include one or more computingdevices and/or other computer components (e.g., processors, memories,communication interfaces). In addition, and as illustrated in greaterdetail below, enterprise data storage platform 130 may be configured tostore and/or otherwise maintain enterprise data, including dataexchanged between network devices and/or other resources hosted,executed, and/or otherwise provided by enterprise network managementinfrastructure 120. Also, for example, enterprise data storage platform130 may be configured to store and/or otherwise maintain informationassociated with data transmissions between enterprise applicationsand/or devices (e.g., first enterprise computing device 140, secondenterprise computing device 150), and/or between an enterpriseapplication and/or device and an external vendor application, usercomputing device (e.g., first enterprise computing device 140 andexternal computing device 160). Additionally, or alternatively,enterprise network management infrastructure 120 may load data fromenterprise data storage platform 130, manipulate and/or otherwiseprocess such data, and return modified data and/or other data toenterprise data storage platform 130 and/or to other computer systemsincluded in computing environment 100.

First enterprise computing device 140 and second enterprise computingdevice 150 may be devices, servers, and so forth configured to hostapplications utilized by the enterprise organization, and managed,hosted, executed, and/or otherwise provided by enterprise networkmanagement infrastructure 120. For example, first enterprise computingdevice 140 may host a word processing application and second enterprisecomputing device 150 may host a telecommunications application. In someembodiments, first enterprise computing device 140 and second enterprisecomputing device 150 may be user devices that exchange data, and/or userdevices that access enterprise applications. The term “enterpriseapplication” as used herein, may generally refer to any application usedwithin an enterprise organization. For example, an enterpriseapplication may be a stand-alone application, or a suite ofapplications.

External computing device 160 may be a device, server, and so forthconfigured to host an application provided by a vendor, and/or a useroutside the enterprise organization. For example, external computingdevice 160 may host a human resource application, a travel managementapplication, a health insurance provider application, payment processingapplication, a voice over IP (“VOIP”) service application, and so forth.The term “external application” as used herein, may generally refer toany application provided by an external vendor to an enterpriseorganization. In some embodiments, external computing device 160 may bea user device that may communicate with first enterprise computingdevice 140 and/or second enterprise computing device 150. For example,external computing device 160 may be a user device that communicateswith a web portal for a financial institution.

Computing environment 100 also may include one or more networks, whichmay interconnect one or more of data integrity computing platform 110,enterprise network management infrastructure 120, enterprise datastorage platform 130, first enterprise computing device 140, secondenterprise computing device 150, and external computing device 160. Forexample, computing environment 100 may include private network 170(which may interconnect, for example, data integrity computing platform110, enterprise network management infrastructure 120, enterprise datastorage platform 130, first enterprise computing device 140, secondenterprise computing device 150, and/or one or more other systems (whichmay be associated with an organization, such as a financialinstitution), and public network 180 (which may interconnect, forexample, external computing device 160 with private network 170 and/orone or more other systems, public networks, sub-networks, and/or thelike). For example, public network 180 may interconnect externalcomputing device 160 with first enterprise computing device 140 and/orsecond enterprise computing device 150 via private network 170. In someinstances, public network 180 may be a high generation cellular network,such as, for example, a fifth generation (“5G”) or higher cellularnetwork. In some instances, private network 170 may likewise be a highgeneration cellular enterprise network, such as, for example, a 5G orhigher cellular network.

In one or more arrangements, data integrity computing platform 110,enterprise network management infrastructure 120, enterprise datastorage platform 130, first enterprise computing device 140, secondenterprise computing device 150, and external computing device 160,and/or the other systems included in computing environment 100 may beany type of computing device capable of communicating with a userinterface, receiving input via the user interface, and communicatingwith one or more other computing devices. For example, data integritycomputing platform 110, enterprise network management infrastructure120, enterprise data storage platform 130, first enterprise computingdevice 140, second enterprise computing device 150, external computingdevice 160, and/or the other systems included in computing environment100 may, in some instances, be and/or include server computers, desktopcomputers, laptop computers, tablet computers, smart phones, or the likethat may include one or more processors, memories, communicationinterfaces, storage devices, and/or other components. As noted above,and as illustrated in greater detail below, any and/or all of dataintegrity computing platform 110, enterprise network managementinfrastructure 120, enterprise data storage platform 130, firstenterprise computing device 140, second enterprise computing device 150,and external computing device 160, may, in some instances, bespecial-purpose computing devices configured to perform specificfunctions.

Referring to FIG. 1B, data integrity computing platform 110 may includeone or more processors 111, memory 112, and communication interface 113.A data bus may interconnect processor 111, memory 112, and communicationinterface 113. Communication interface 113 may be a network interfaceconfigured to support communication between data integrity computingplatform 110 and one or more networks (e.g., public network, privatenetwork, a local network, or the like). Memory 112 may include one ormore program modules having instructions that when executed by processor111 cause data integrity computing platform 110 to perform one or morefunctions described herein and/or one or more databases that may storeand/or otherwise maintain information which may be used by such programmodules and/or processor 111. In some instances, the one or more programmodules and/or databases may be stored by and/or maintained in differentmemory units of data integrity computing platform 110 and/or bydifferent computing devices that may form and/or otherwise make up dataintegrity computing platform 110. For example, memory 112 may have,store, and/or include data interception engine 112 a, message queueengine 112 b, content processors 112 c, and integrity response engine112 d. Data interception engine 112 a may have instructions that directand/or cause data integrity computing platform 110 to detect, via acommunication network, transmission of data content from a firstenterprise computing device to a second enterprise computing device.Data interception engine 112 a may have instructions that direct and/orcause data integrity computing platform 110 to intercept, prior toreceipt of the transmission by the second enterprise computing device,the data, as discussed in greater detail below. In some embodiments,data interception engine 112 a may have instructions that direct and/orcause data integrity computing platform 110 to convert the data contentto an electronic file in a standardized textual format. In someembodiments, data interception engine 112 a may have instructions thatdirect and/or cause data integrity computing platform 110 to store theelectronic file.

Message queue engine 112 b may have instructions that direct and/orcause data integrity computing platform 110 to add an alert message to amessage queue, where the alert message may indicate that the electronicfile is available to be processed. In some embodiments, message queueengine 112 b may have instructions that direct and/or cause dataintegrity computing platform 110 to cause one or more content processorsto read the alert message in the message queue.

Content processors 112 c may have instructions that direct and/or causedata integrity computing platform 110 to process the electronic file toidentify a portion of the data content for review prior to transmissionto the second enterprise computing device, where the processing mayinclude retrieving, in response to the alert message, the electronicfile, identifying the portion of the data content in the electronicfile, and outputting a notification message to the message queue, wherethe notification message may provide information related to theidentified portion of the data content.

Integrity response engine 112 d may have instructions that direct and/orcause data integrity computing platform 110 to modify, based on thenotification message, the data content. In some embodiments, integrityresponse engine 112 d may have instructions that direct and/or causedata integrity computing platform 110 to generate a link to the modifieddata content. In some embodiments, integrity response engine 112 d mayhave instructions that direct and/or cause data integrity computingplatform 110 to provide, via the communication network and to the secondenterprise computing device, the generated link.

FIG. 2 depicts an illustrative network environment for a data integritysystem for transmission of incoming and outgoing data in accordance withone or more example embodiments. Referring to FIG. 2, data integritycomputing platform 110 may detect, via a communication network,transmission of data from a first computing device 205 to a secondcomputing device 165 (e.g., second enterprise computing device 150,external computing device 160). As described herein, enterprise networkmanagement infrastructure 120 may be configured to manage, host,execute, and/or otherwise provide one or more enterprise applications.Network devices (e.g., first computing device 205, second computingdevice 265) within enterprise network management infrastructure 120 maygenerate large volumes of data transmissions, includingmachine-generated transmissions. For example, network devices, such as,various servers and/or databases, sensors, routers, computing devices,printers, scanners, cameras, and so forth, may generate vast amounts ofdata. Additional devices may include, for example, web resources,firewalls, and/or operating systems. Such data may include, for example,access data, log data, location data, data on software updates,diagnostic data, user and/or account data, trading data, and so forth.

Generally, enterprise applications and/or vendor applications maycommunicate with one another to exchange information via datatransmissions. For example, each data transmission may originate at afirst computing device (e.g., first computing device 205) and a secondcomputing device (e.g., second computing device 265) may be an intendedrecipient. For example, a source application hosted by the firstcomputing device (e.g., first computing device 205) may initiate a datatransmission to request information, and the destination applicationhosted by the second computing device (e.g., second computing device265) may receive this request. In response, the destination applicationmay provide the requested information by initiating a data transmissionto the requesting (e.g., source) application. Data transmissions mayinclude exchange of data packets over a network. Content of the datatransmission may include electronic communication messages, HTMLdocuments, word processing documents, media content, audio and/or visualcontent, data packets associated with telecommunications, securedcommunications, and so forth.

In some embodiments, the source application and the destinationapplication may be associated with an enterprise organization. Forexample, the source application may be, for example, hosted by the firstcomputing device (e.g., first computing device 205), and the destinationapplication may be, for example, hosted by the second computing device(e.g., second computing device 265). In some embodiments, the sourceapplication may be associated with an enterprise organization, and thedestination application may be associated with an external vendororganization. For example, the source application may be, for example,hosted by the first computing device (e.g., first computing device 205),and the destination application may be, for example, hosted by anexternal computing device (e.g., second computing device 265). In someembodiments, the destination application may be associated with anenterprise organization, and the source application may be associatedwith an external vendor organization. For example, the sourceapplication may be, for example, hosted by an external computing device(e.g., first computing device 205), and the destination application maybe, for example, hosted by the second computing device (e.g., secondcomputing device 265).

In some embodiments, data integrity computing platform 110 may act as adata clearinghouse. For example, data integrity computing platform 110may intercept a data transmission. In some embodiments, data may beintercepted in transit. For example, data integrity computing platform110 may intercept, prior to receipt of the transmission by the secondcomputing device 265, data content. Also, for example, data packets sentover a network may include headers that list source and/or destinationnetwork nodes for a data packet, a communication path for the datapacket, and so forth. In some embodiments, data integrity computingplatform 110 may read the headers for data packets and intercept datathat have headers indicating data management protocols. For example, aheader may indicate that the data content is highly confidential, anddata integrity computing platform 110 may intercept the data content toapply protective measures, as described herein. As another example, aheader may indicate that the data content is being transmitted by anenterprise employee with a high level of security clearance, and dataintegrity computing platform 110 may intercept the data to applyappropriate protective measures.

Also, for example, enterprise organizations may apply a business logicsuch as “permit to send,” where vendor applications may be cleared toreceive certain types of information. However, vendors may change overtime, and/or vendor applications may change. Accordingly, allowingpreviously permissible data without further checks may expose theenterprise organization to security risks. Accordingly, data integritycomputing platform 110 may act as a data clearinghouse to ensure that“permit to send” policies are applied in compliance with updatedevaluations of enterprise risk levels.

Generally, any incoming or outgoing data content may be validated for atype of information that may be included, and to determine if the datacontent poses risk to the enterprise organization. In some embodiments,data integrity computing platform 110 may retrieve the data content fromthe first computing device 205, including a variety of sources, such as,for example, via an application programming interface (“API”). In someembodiments, data integrity computing platform 110 may monitor anenterprise device (e.g., first computing device 205) via a device accessmanager, and/or device driver. Also, for example, the data content maybe retrieved from log files (server log files, database log files,application activity files), network management devices, networkrouters, and so forth.

In some embodiments, data integrity computing platform 110 may include aload balancer 210 that generally manages traffic levels for data in anetwork. In some embodiments, load balancer 210 may route data trafficto optimize resource allocation (e.g., allocation of network resourcesin a network path for a data transmission), optimize time management,reduce traffic bottlenecks, and so forth. For example, data integritycomputing platform 110 may receive network traffic information from anetwork management device, and determine that a volume of data trafficmay exceed a dynamic network capacity for the network. In someembodiments, load balancer 210 may perform load balancing activities toprocess the data traffic. Load balancer 210 may send the data contentvia a network path, where the data content may be processed by a server,such as file server 215, that may serve as a “landing zone”. The landingzone may be an application server that may receive the data content, andstore the data content to a file server (e.g., file server 215,enterprise data storage platform 130, and so forth). Generally, fileserver 215 may perform roles of a triage and complete initial processingof the data content.

In some embodiments, data integrity computing platform 110 may convertthe intercepted data content to an electronic file in a standardizedtextual format. For example, the data content may include photographs,hyperlinks, and other non-textual information. Accordingly, file server215 may convert the data content into, for example, an Excel format, ora Word format, with predetermined cells allocated to various types ofdata content. In some embodiments, data integrity computing platform 110may parse the standardized textual format utilizing text processingtechniques, and identify various types of text. For example, file server215 may identify names, telephone numbers, credit card numbers, socialsecurity numbers, textual versions of photographs, textual versions ofhyperlinks, and so forth. In some embodiments, data integrity computingplatform 110 may separate such content based on categories, and/orotherwise highlight such content. In some embodiments, data integritycomputing platform 110 may store the electronic file in a datarepository (e.g., enterprise data storage platform 130). In someembodiments, data integrity computing platform 110 may hash contents ofthe standardized textual format. As described herein, data integritycomputing platform 110 may associate a unique identifier with thestandardized textual format.

In some embodiments, data integrity computing platform 110 may separateportions of the textual format and identify a content processor that maybe suitable to process each portion. For example, file server 215 mayidentify potentially unauthorized code in the textual format, andidentify a content processor (e.g., content processor A 225) to processthe textual format. As another example, file server 215 may identifymacros and/or scripts in the textual format, and identify a contentprocessor (e.g., content processor B 230) to process the textual format.Also, for example, file server 215 may identify non-public information(“NPI”) in the textual format, and identify a content processor (e.g.,content processor C 235) to process the textual format.

In some embodiments, data integrity computing platform 110 may tag theappropriate portion of the textual format so that the identified contentprocessor may retrieve the textual format and process the taggedportion. For example, file server 215 may tag the potentiallyunauthorized code so that the identified content processor, contentprocessor A 225, may retrieve the textual format and process the taggedportion. As another example, file server 215 may tag the macros and/orscripts so that the identified content processor, content processor B230, may retrieve the textual format and process the tagged portion.Also, for example, file server 215 may tag the NPI so that theidentified content processor, content processor C 235, may retrieve thetextual format and process the tagged portion. In some embodiments, fileserver 215 may separate a portion of the textual format so that theidentified content processor processes the portion of the textualformat, without having to process the entire electronic file.

In some embodiments, file server 215 may associate a unique identifierwith the electronic file. The unique identifier may include metadataassociated with the electronic file. In some embodiments, the uniqueidentifier may include a hash of the contents of the electronic file.The unique identifier may include a digital summary of the contents ofthe electronic file, and may include information such as, portions ofthe electronic file that may have been previously processed, portions ofthe electronic file that may be transmitted without further review, andso forth. Generally, the unique identifier may be updated as theelectronic file is processed by one or more content processors. Also,for example, a message in the message queue 220 may include details ofupdates applied to the unique identifier.

In some embodiments, data integrity computing platform 110 may add analert message to a message queue, where the alert message may indicatethat the electronic file is available to be processed. For example, whenfile server 215 has completed an initial processing of the electronicfile, it may generate alert message 215 a, announcing that “a newdocument is available for processing.” The alert message may includetags for portions of the electronic document, and such tags may indicateassociated content processors that may process relevant portions of theelectronic document. In some embodiments, file server 215 may includenetwork addresses for the associated content processors.

In some embodiments, data integrity computing platform 110 may determinewhether a portion of the electronic file has been previously processed,and may mark additional portions of the electronic file to be processed.For example, data integrity computing platform 110 may include a cacheof electronic files, or types of files and/or content, that has beenpreviously processed. Accordingly, data integrity computing platform 110may determine if the intercepted data content includes similar content,and prepare it for further processing. For example, especially whenprocessing thousands or hundreds of thousands or millions of pieces ofdata content that are transmitted back and forth, large portions of thedata contents may be similar. For example, an electronic message mayinclude a chain of emails that were previously filtered and processed bydata integrity computing platform 110. Accordingly, data integritycomputing platform 110 may only process the last message in the chain ofmessages. Such a technique speeds up the processing, reduces memoryallocation, reduces network traffic bottleneck, and also utilizesresources in an efficient manner.

In some embodiments, data integrity computing platform 110 may cause atleast one content processor, of the one or more content processors, tonot process the electronic file. For example, file server 215 may, basedon the unique identifier, determine that a file with similar contentswas previously processed, and was determined not to contain anyunauthorized code. Accordingly, file server 215 may determine that theelectronic document need not be processed by content processor A 225.

In some embodiments, data integrity computing platform 110 may cause oneor more content processors to process the electronic file to identify aportion of the data content for review prior to transmission to thesecond enterprise computing device. For example, the one or more contentprocessors may be in ongoing and/or periodic communication with messagequeue 220. When file server 215 releases alert message 215 a to messagequeue 220, the one or more content processors may retrieve alert message215 a and read alert message 215 a to determine their respective tasks.In some embodiments, selected content processors may retrieve and/orread alert message 215 a. In some embodiments, each content processormay be privy to a certain portion of alert message 215 a that may berelevant to the particular content processor.

In some embodiments, data integrity computing platform 110 may cause theone or more content processors to retrieve, in response to the alertmessage, the electronic file. For example, a content processor may readalert message 215 a and retrieve the electronic file from file server215. As described herein, each content processor may retrieve the entireelectronic file, or a portion of the electronic file that the contentprocessor is identified to process. In some embodiments, a contentprocessor may read alert message 215 a and determine that it does notneed to process the electronic file, and therefore, may not retrieveelectronic file.

Generally, when data content is transmitted, and/or a file is received,contents of the file may be analyzed for unauthorized content. Ingeneral, such action takes place at a given server. For example,contents of an entire file may be analyzed for unauthorized code.Another server may analyze the file for NPIs. However, such analysis maytake place sequentially. Generally, such servers may not communicatewith each other, and a given file may be processed more than once, orcertain portions may not be processed at all. As described herein, theelectronic file is processed simultaneously by multiple contentprocessors, thereby saving time and computing resources. Also, forexample, each content processor accesses message queue 220 tocommunicate with one another and file server 215, thereby maintainingconsistency between different tasks, and providing comprehensive contentanalysis. Also, for example, file server 215 may oversee the processing,therefore ensuring timely completion of tasks by the content processors,and also providing an ability to know a precise status of theprocessing.

For example, data integrity computing platform 110 may cause contentprocessor A 225 to retrieve, in response to alert message 215 a, theelectronic file (e.g., from file server 215). Content processor A 225may be configured to scan the electronic file, or portions thereof, forunauthorized code (e.g., virus, malware, malicious code, trojan code,and so forth). Content processor A 225 may, upon detection ofunauthorized code, generate a notification message 225 a that identifiesa type of unauthorized code, identifies portions of the electronicdocuments that include the unauthorized code, identifies a severitylevel of the unauthorized code, and/or recommends steps to mitigatepresence of the unauthorized code. Notification message 225 a may beplaced in message queue 220. In some embodiments, content processor A225 may estimate a time required to process the electronic document.Although notification message 225 a is illustrated as a single message,it may comprise a plurality of messages. For example, content processorA 225 may provide a first notification message that displays a time atwhich processing started, and an estimated time to process theelectronic file. Also, for example, content processor A 225 may providea second notification message that indicates that unauthorized code hasbeen detected. As another example, content processor A 225 may provideadditional notification messages providing updates on the processingtasks.

As another example, data integrity computing platform 110 may causecontent processor B 230 to retrieve, in response to alert message 215 a,the electronic file (e.g., from file server 215). Content processor B230 may be configured to scan the electronic file, or portions thereof,for macros and/or scripts. Content processor B 230 may, upon detectionof macros and/or scripts, generate a notification message 230 a thatidentifies a type of macros and/or scripts, identifies portions of theelectronic documents that include the macros and/or scripts, identifiesa number of the macros and/or scripts, and/or recommends steps tomitigate presence of the macros and/or scripts. Notification message 230a may be placed in message queue 220. In some embodiments, contentprocessor B 230 may estimate a time required to process the electronicdocument. Although notification message 230 a is illustrated as a singlemessage, it may comprise a plurality of messages. For example, contentprocessor B 230 may provide a first notification message that displays atime at which processing started, and an estimated time to process theelectronic file. Also, for example, content processor B 230 may providea second notification message that indicates that a macro and/or scripthas been detected. As another example, content processor B 230 mayprovide additional notification messages providing updates on theprocessing tasks.

Also, for example, data integrity computing platform 110 may causecontent processor C 235 to retrieve, in response to alert message 215 a,the electronic file (e.g., from file server 215). Content processor C235 may be configured to scan the electronic file, or portions thereof,for non-public information (“NPI”), such as, for example, names, socialsecurity numbers, dates of birth, financial account information, accountnumbers, driver's license information, telephone numbers, electronicmail addresses, residential and/or work addresses, spousal information,marital information, ethnicity, sexual orientation, and so forth.Content processor C 235 may, upon detection of NPI, generate anotification message 235 a that identifies a type of NPI, identifiesportions of the electronic documents that include the NPI, identifies anumber of the NPI, and/or recommends steps to mitigate presence of theNPI. Notification message 235 a may be placed in message queue 220. Insome embodiments, content processor C 235 may estimate a time requiredto process the electronic document. Although notification message 235 ais illustrated as a single message, it may comprise a plurality ofmessages. For example, content processor C 235 may provide a firstnotification message that displays a time at which processing started,and an estimated time to process the electronic file. Also, for example,content processor C 235 may provide a second notification message thatindicates that NPI has been detected. As another example, contentprocessor C 235 may provide additional notification messages providingupdates on the processing tasks.

As described herein, data integrity computing platform 110 may beconfigured to be flexible and adaptive. For example, although specificexamples are illustrated with reference to content processor A 225,content processor B 230, and content processor C 235, data integritycomputing platform 110 may comprise additional content processors forspecific tasks. Also, for example, enterprise network managementinfrastructure 120 may be periodically updated with new threats,anticipates unauthorized code, new types of macros, and so forth, andenterprise network management infrastructure 120 may updated servers,such as, for example, file server 215 with such information. In someembodiments, data integrity computing platform 110 may configure one ormore of content processor A 225, content processor B 230, and contentprocessor C 235 to process such potentially unauthorized content.

In some embodiments, data integrity computing platform 110 may identifyan additional type of content potentially for review prior totransmission to the second enterprise computing device. Then, dataintegrity computing platform 110 may configure an additional contentprocessor to identify additional data content associated with theadditional type of content. For example, new content processors may beadded to perform new tasks. For example, based on changes to rules andregulations (e.g., in domestic or international jurisdictions), theelectronic file may need to be processed for compliance with enterprisepolicies. Accordingly, data integrity computing platform 110 may createand configure a new content processor, such as, for example, contentprocessor X 240, where the new content processor analyzes the electronicfile for compliance with enterprise policies. Although content processorX 240 is illustrated as a single content processor, it represents anynumber of new content processors that may be created and configured toprocess the electronic file for new unauthorized content. For example,data integrity computing platform 110 may deploy 15 to 1500 contentprocessors at a given time to simultaneously perform processing tasks.Content processor X 240 may provide notification messages (e.g.,notification message 240 a) to message queue 220. Such a modulararchitecture allows for an electronic file to be processed efficiently.For example, a first content processor may be able to process 10 filesin a one second, whereas a second content processor may process one filein 20 seconds. Accordingly, if an electronic file were to be processedin a serial manner, the wait times would increase, and the first contentprocessor may be underutilized. However, in a modular architecture withparallel processing, each content processor is able to processelectronic files at their own pace without having to depend onprocessing times for other content processors.

Generally, content processor A 225, content processor B 230, contentprocessor C 235, and/or content processor X 240, may process theelectronic file simultaneously. For example, each content processor maysimultaneously retrieve copies of the electronic file (or relevantportions thereof), from file server 215. Upon completion of processing,each content processor may return the electronic file, with appropriateannotations, to file server 215. In some embodiments, file server 215may collate the results of the processing, and perform further steps.

As described herein, data integrity computing platform 110 may updatethe unique identifier with a status of the electronic file in themessage queue. For example, each notification message output by acontent server, may be utilized to update the unique identifierassociated with the data content. Accordingly, a status of theprocessing, time needed to process, and such other information may beavailable in real-time.

In some embodiments, data integrity computing platform 110 may receive astatus request for the transmission of the data content. For example,one or more network devices may send a network message requestingstatus. Also, for example, a security personnel, system manager, networkmanager, or other entity within an enterprise may request a status forthe transmission of the data content. In some embodiments, dataintegrity computing platform 110 may access the message queue to readthe updated unique identifier, and may provide a response to the statusrequest. For example, file server 215 may access message queue 220,retrieve status information from the unique identifier, generate andtransmit a status report to a requestor of the status. For example, fileserver 215 may indicate where the electronic file is in processing,which, if any, content processors have completed processing theelectronic file, an estimated time for completion of the processing, andso forth. Accordingly, one or more devices comprising data integritycomputing platform 110 may perform functions of a content deliverysystem. Individual electronic files may be tagged for tracking, andreal-time status with information related to the processing of theelectronic file may be recorded.

For example, millions of data sets may be processed, and data integritycomputing platform 110 may determine average processing times forvarious types of data sets. For example, a data set that may have 1,000characters may take and average of 20 seconds for a first contentprocessor to process, 1 to 10 seconds for a second content processor, 2seconds for a third content processor, and so forth. Accordingly, anestimate for completion may be determined based on a size of the datacontent.

In some embodiments, data integrity computing platform 110 may display,in real time and via a graphical user interface, a status of thetransmission of the data content. For example, data integrity computingplatform 110 may display such information (e.g., a status of theprocessing, time needed to process, severity level of threats, number ofNPIs, and so forth), in real time via the graphical user interface. Forexample, a security group, system manager, network manager, or otherentities within an enterprise may, monitor, in real-time, processing ofincoming and outgoing data contents. A display may provide informationabout a transmission, a summary of contents, indicate content processorsthat may process (or not process) the file, an updated list ofidentified unauthorized content, and so forth.

In some embodiments, data integrity computing platform 110 may modify,based on the notification message, the data content. For example, uponcompletion of processing, file server 215 may modify the data contentbased on the corresponding electronic file. In some embodiments, dataintegrity computing platform 110 may perform one or more of masking aportion of the identified data content, deleting a portion of theidentified data content, altering a portion of the identified datacontent, and causing generation of additional notifications. Forexample, NPI may be masked or deleted, secure information may beencrypted, scripts and/or macros may be removed or modified,photographic content may be filtered (e.g., based on enterprise usepolicies), and so forth.

In some embodiments, integrity response engine 245 may generate a firstemail 250 with an error message. For example, file server 215 maydetermine that the data content may not be transmitted to secondcomputing device 265. Accordingly, integrity response engine 245 maygenerate the first email 250 with an error message, and send the messageto second computing device 265. In some embodiments, the error messagemay be sent to first computing device 205, indicating that thetransmission of the data content was unsuccessful. In some embodiments,integrity response engine 245 may send a message to a user associatedwith first computing device 205 recommending that the data content bemodified in certain aspects.

In some embodiments, data integrity computing platform 110 may generatea link to the modified data content. For example, first computing device205 may initiate transmission of an electronic message, and/or anelectronic file, to second computing device 265. The data contents maybe processed, as described herein. Upon completion of the processing,file server 215 may generate a link to the modified data content. Themodified data content may itself be stored in a data repository (e.g.,enterprise data storage platform 130). In some embodiments, a securelink to the modified data content, with appropriate access controls, maybe generated. The modified data content may therefore not be transmittedoutside the enterprise organization. This may ensure an additional layerof security in data transmission.

In some embodiments, data integrity computing platform 110 may provide,via the communication network and to the second enterprise computingdevice, the generated link. For example, integrity response engine 245may generate a second email 255 with a link to the modified datacontent, and transmit the second email 255 to second computing device265.

In some embodiments, data integrity computing platform 110 may clear thedata content for transmission to second computing device 265.Accordingly, integrity response engine 245 may transmit the modifiedfile 250.

In some embodiments, data integrity computing platform 110 may determinea risk score for the data content, where the risk score is based atleast in part on one of: a severity level of an unauthorized code, anumber of embedded scripts, a number of embedded macros, and an amountof non-public information. For example, content processor A 225 mayindicate a type and/or severity of unauthorized code. In someembodiments, a risk level may be associated with the unauthorized code.For example, the unauthorized code may be determined to be of “High”,“Medium”, or “Low” risk. For example, if a virus is detected, the riskscore may be 10,000. In some embodiments, a user and/or entityassociated with first computing device 205 may be identified and/ornotified. For example, if the entity is a vendor, other applicationsassociated with the vendor may be placed at a higher risk ofsusceptibility, and the corresponding applications may be quarantined.Also, for example, if the entity is another organization, data integritycomputing platform 110 may determine that the organization may bepotentially vulnerable to a cyberattack, and may temporarily blockincoming and outgoing communications with the organization.

Also, for example, a larger number of scripts, and/or macros, may beassociated with a higher risk score, whereas a smaller number ofscripts, and/or macros, may be associated with a lower risk score.Similarly, a larger number of NPIs, may be associated with a higher riskscore, whereas a smaller number of NPIs, may be associated with a lowerrisk score. In some embodiments, weights may be associated withunauthorized content. For example, social security numbers may be givena higher weight, than, for example, initials of names.

Although file server 215 is illustrated here, for simplicity, asperforming one or more tasks, file server 215 may comprise a pluralityof servers, each performing the one or more tasks. For example, a firstserver may serve functions of a file clearinghouse. For example, thefirst server may generate the unique identifier. Another server mayconvert the data contents to an electronic file in the standardizedtextual format. A third server may determine if contents of theelectronic file have been previously processed, and/or identify portionsthat may need to be processed. Also for example, another server maymanage the content processors, queue appropriate tasks, receive andrespond to status requests, and so forth.

As another example, integrity response engine 245 may be communicativelylinked to a file server that modifies the data content based on theprocessing, summarizes output of the processing, provides a notificationmessage 245 a, communicates with enterprise network managementinfrastructure 120 to provide information to be displayed via thegraphical user interface, communicates with enterprise data storageplatform 130 to provide links, and so forth. For example, integrityresponse engine 245 may be communicatively linked to a server that isconfigured to serve as a “job updater.” Such a job updater may beconfigured to include business rules and logic that may be utilizedapply appropriate modifications to the data content. The business rulesand logic may include enterprise policies for data transmission, fileretention and transport policies, entitlements, file access controlinformation, security clearance levels for enterprise personnel,enterprise application, enterprise devices, and so forth. For example,business rules may indicate if the data content may be accessible to anintended recipient. For example, the data content may be intended for amortgage team within the enterprise organization. However, secondcomputing device 265 may be associated with a trading team. Accordingly,integrity response engine 245 may apply the appropriate business logic,and prevent the data content from being transmitted to second computingdevice 265. In some embodiments, integrity response engine 245 may applythe appropriate business logic, and transmit the data content to theappropriate recipient (e.g., members of the mortgage team, or a managerin the mortgage team for appropriate dissemination). Also, for example,members of a support team may support online applications and/orenterprise mobile applications. Such members of the support team may notneed to know a customer number, and may just need to know what atransaction identifier is for a service request. Accordingly, datacontent being transmitted to the support team may be modified to redactinformation other than the transaction identifier.

FIG. 3 depicts an illustrative method for a data integrity system fortransmission of incoming and outgoing data in accordance with one ormore example embodiments. Referring to FIG. 3, at step 305, a computingplatform having at least one processor, and memory may detect, via acommunication network, transmission of data from a first enterprisecomputing device to a second enterprise computing device. At step 310,the computing platform may intercept, prior to receipt of thetransmission by the second enterprise computing device, the data. Atstep 315, the computing platform may add an alert message to a messagequeue, where the alert message indicates that the electronic file isavailable to be processed. At step 320, the computing platform maydetermine whether a portion of the data content has been previouslyprocessed. Upon a determination that a portion of the data content hasnot been previously processed, the process moves to step 325. At step325, the computing platform may cause one or more content processors toprocess a textual format corresponding to the data content. The processthen moves to step 340.

Upon a determination that a portion of the data content has beenpreviously processed, the process moves to step 330. At step 330, thecomputing platform may identify content processors that need to processthe portion of the data content that was not previously processed. Atstep 335, the computing platform may cause the identified contentprocessors to process a textual format corresponding to the data contentthat was not previously processed. The process then moves to step 340.

Generally, the processing of the textual format may include reading thealert message in the message queue, retrieving, in response to the alertmessage, the electronic file, identifying the portion of the datacontent in the electronic file, and outputting a notification message tothe message queue, where the notification message may provideinformation related to the identified portion of the data content.

At step 340, the computing platform may determine whether the datacontent needs to be reviewed prior to transmission to the secondenterprise computing device. Upon a determination that the data contentneeds to be reviewed prior to transmission to the second enterprisecomputing device, the process moves to step 345. At step 345, thecomputing platform may initiate one or more steps to review and/ormodify the data content. Upon a determination that the data content doesnot need to be reviewed prior to transmission to the second enterprisecomputing device, the process moves to step 350. At step 350, thecomputing platform may provide, to the second enterprise computingdevice, a link to the data content.

One or more aspects of the disclosure may be embodied in computer-usabledata or computer-executable instructions, such as in one or more programmodules, executed by one or more computers or other devices to performthe operations described herein. Generally, program modules includeroutines, programs, objects, components, data structures, and the likethat perform particular time-sensitive tasks or implement particularabstract data types when executed by one or more processors in acomputer or other data processing device. The computer-executableinstructions may be stored as computer-readable instructions on acomputer-readable medium such as a hard disk, optical disk, removablestorage media, solid-state memory, RAM, and the like. The functionalityof the program modules may be combined or distributed as desired invarious embodiments. In addition, the functionality may be embodied inwhole or in part in firmware or hardware equivalents, such as integratedcircuits, application-specific integrated circuits (ASICs), fieldprogrammable gate arrays (FPGA), and the like. Particular datastructures may be used to more effectively implement one or more aspectsof the disclosure, and such data structures are contemplated to bewithin the scope of computer executable instructions and computer-usabledata described herein.

Various aspects described herein may be embodied as a method, anapparatus, or as one or more computer-readable media storingcomputer-executable instructions. Accordingly, those aspects may takethe form of an entirely hardware embodiment, an entirely softwareembodiment, an entirely firmware embodiment, or an embodiment combiningsoftware, hardware, and firmware aspects in any combination. Inaddition, various signals representing data or events as describedherein may be transferred between a source and a destination in the formof light or electromagnetic waves traveling through signal-conductingmedia such as metal wires, optical fibers, or wireless transmissionmedia (e.g., air or space). In general, the one or morecomputer-readable media may be and/or include one or more non-transitorycomputer-readable media.

As described herein, the various methods and acts may be operativeacross one or more computing servers and one or more networks. Thefunctionality may be distributed in any manner, or may be located in asingle computing device (e.g., a server, a client computer, and thelike). For example, in alternative embodiments, one or more of thecomputing platforms discussed above may be combined into a singlecomputing platform, and the various functions of each computing platformmay be performed by the single computing platform. In such arrangements,any and/or all of the above-discussed communications between computingplatforms may correspond to data being accessed, moved, modified,updated, and/or otherwise used by the single computing platform.Additionally or alternatively, one or more of the computing platformsdiscussed above may be implemented in one or more virtual machines thatare provided by one or more physical computing devices. In sucharrangements, the various functions of each computing platform may beperformed by the one or more virtual machines, and any and/or all of theabove-discussed communications between computing platforms maycorrespond to data being accessed, moved, modified, updated, and/orotherwise used by the one or more virtual machines.

Aspects of the disclosure have been described in terms of illustrativeembodiments thereof. Numerous other embodiments, modifications, andvariations within the scope and spirit of the appended claims will occurto persons of ordinary skill in the art from a review of thisdisclosure. For example, one or more of the steps depicted in theillustrative figures may be performed in other than the recited order,and one or more depicted steps may be optional in accordance withaspects of the disclosure.

What is claimed is:
 1. A computing platform, comprising: at least oneprocessor; and memory storing computer-readable instructions that, whenexecuted by the at least one processor, cause the computing platform to:detect, via a communication network, transmission of data content from afirst enterprise computing device to a second enterprise computingdevice; intercept, prior to receipt of the transmission by the secondenterprise computing device, the data content; convert the data contentto an electronic file in a standardized textual format; add an alertmessage to a message queue, wherein the alert message indicates that theelectronic file is available to be processed; identify, in theelectronic file, a first portion of the data content corresponding to afirst content category and a second portion of the data contentcorresponding to a second content category, wherein the first and secondcategories comprise different content categories; cause one or morecontent processors to process the electronic file to identify a portionof the data content for review prior to transmission to the secondenterprise computing device, wherein the one or more processors comprisea first content processor and a second content processor and wherein theprocessing comprises: reading the alert message in the message queue;retrieving, in response to the alert message, first and second copies ofthe electronic file by the first and second content processors,respectively; simultaneously processing, by the first and second contentprocessors, the different content categories in the first and secondportions of the first and second copies, respectively; outputting firstand second notification messages by the first and second contentprocessors, respectively, to the message queue, wherein the first andsecond notification messages provide information related to the firstand second portions, respectively; and return the first and secondcopies with annotations from the first and second content processors;modify, based on the first and second notification messages, the datacontent; generate a link to the modified data content; and provide, viathe communication network and to the second enterprise computing device,the generated link.
 2. The computing platform of claim 1, wherein theinstructions to cause the one or more content processors to process theelectronic file comprise additional computer-readable instructions that,when executed by the at least one processor, cause the computingplatform to: cause the one or more content processors to search forunauthorized code.
 3. The computing platform of claim 2, wherein theinstructions to cause the one or more content processors to search forthe unauthorized code comprise additional computer-readable instructionsthat, when executed by the at least one processor, cause the computingplatform to: cause the one or more content processors to determine aseverity level of the unauthorized code.
 4. The computing platform ofclaim 1, wherein the instructions to cause the one or more contentprocessors to process the electronic file comprise additionalcomputer-readable instructions that, when executed by the at least oneprocessor, cause the computing platform to: cause the one or morecontent processors to search for at least one of embedded scripts andmacros.
 5. The computing platform of claim 4, wherein the instructionsto cause the one or more content processors to search for the at leastone of embedded scripts and macros comprise additional computer-readableinstructions that, when executed by the at least one processor, causethe computing platform to: cause the one or more content processors todetermine a number of the at least one of the embedded scripts andmacros.
 6. The computing platform of claim 1, wherein the instructionsto cause the one or more content processors to process the electronicfile comprise additional computer-readable instructions that, whenexecuted by the at least one processor, cause the computing platform to:cause the one or more content processors to search for non-publicinformation.
 7. The computing platform of claim 6, wherein theinstructions to cause the one or more content processors to search forthe non-public information comprise additional computer-readableinstructions that, when executed by the at least one processor, causethe computing platform to: cause the one or more content processors todetermine an amount of the non-public information.
 8. The computingplatform of claim 1, wherein the instructions to cause the one or morecontent processors to process the electronic file comprise additionalcomputer-readable instructions that, when executed by the at least oneprocessor, cause the computing platform to: identify an additional typeof content potentially for review prior to transmission to the secondenterprise computing device; and configure an additional contentprocessor to identify additional data content associated with theadditional type of content.
 9. The computing platform of claim 1,wherein the instructions to add the alert message to the message queuecomprise additional computer-readable instructions that, when executedby the at least one processor, cause the computing platform to: prior toadding the alert message to the message queue, associate a uniqueidentifier with the electronic file.
 10. The computing platform of claim1, comprising additional computer-readable instructions that, whenexecuted by the at least one processor, cause the computing platform to:associate a unique identifier with the electronic file; and update theunique identifier with a status of the electronic file in the messagequeue.
 11. The computing platform of claim 10, comprising additionalcomputer-readable instructions that, when executed by the at least oneprocessor, cause the computing platform to: receive a status request forthe transmission of the data content; access the message queue to readthe updated unique identifier; and based on the updated uniqueidentifier, provide a response to the status request.
 12. The computingplatform of claim 1, comprising additional computer-readableinstructions that, when executed by the at least one processor, causethe computing platform to: display, in real time and via a graphicaluser interface, a status of the transmission of the data content. 13.The computing platform of claim 1, wherein the instructions to add thealert message to the message queue comprise additional computer-readableinstructions that, when executed by the at least one processor, causethe computing platform to: prior to adding the alert message to themessage queue, determine whether a portion of the electronic file hasbeen previously processed; and based upon a determination that theportion of the electronic file has been previously processed, markadditional portions of the electronic file to be processed.
 14. Thecomputing platform of claim 13, wherein the instructions to mark theadditional portions of the electronic file to be processed compriseadditional computer-readable instructions that, when executed by the atleast one processor, cause the computing platform to: cause at least onecontent processor, of the one or more content processors, to not processat least one of the additional portions of the electronic file.
 15. Thecomputing platform of claim 1, wherein the instructions to modify thedata content comprise additional computer-readable instructions that,when executed by the at least one processor, cause the computingplatform to: perform one or more of masking the identified portion ofthe data content, deleting the identified portion of the data content,altering the identified portion of the data content, and generating anotification that the electronic file is not available.
 16. Thecomputing platform of claim 1, comprising additional computer-readableinstructions that, when executed by the at least one processor, causethe computing platform to: determine a risk score for the data content,wherein the risk score is based at least in part on one of: a severitylevel of an unauthorized code, a number of embedded scripts, a number ofembedded macros, and an amount of non-public information.
 17. A method,comprising: at a computing platform comprising at least one processor,and memory: detecting, via a communication network, transmission of datacontent from a first enterprise computing device to a second enterprisecomputing device; intercepting, prior to receipt of the transmission bythe second enterprise computing device, the data content; converting thedata content to an electronic file in a standardized textual format;adding an alert message to a message queue, wherein the alert messageindicates that the electronic file is available to be processed;identifying, in the electronic file, a first portion of the data contentcorresponding to a first content category and a second portion of thedata content corresponding to a second content category; cause one ormore content processors to process the electronic file to identify aportion of the data content for review prior to transmission to thesecond enterprise computing device, wherein the one or more processorscomprise a first content processor and a second content processor andwherein the processing comprises: reading the alert message in themessage queue; retrieving, in response to the alert message, first andsecond copies of the electronic file by the first and second contentprocessors, respectively; simultaneously processing, by the first andsecond content processors, the first and second portions of the firstand second copies, respectively, wherein the first portion contains adifferent content category than the second portion; outputting anotification message to the message queue, wherein the notificationmessage provides information related to the identified portion of thedata content; outputting first and second notification messages by thefirst and second content processors, respectively, to the message queue,wherein the first and second notification messages provide informationrelated to the first and second portions, respectively; and return thefirst and second copies with annotations from the first and secondcontent processors; modifying, based on the first and secondnotification messages, the data content; generating a link to themodified data content; and providing, via the communication network andto the second enterprise computing device, the generated link.
 18. Themethod of claim 17, wherein the processing the electronic file comprisescausing the one or more content processors to: determine a risk scorefor the data content, wherein the risk score is based at least in parton one of: a severity level of an unauthorized code, a number ofembedded scripts, a number of embedded macros, and an amount ofnon-public information.
 19. The method of claim 17, further comprising:identifying an additional type of content potentially for review priorto transmission to the second enterprise computing device; andconfiguring an additional content processor to identify additional datacontent associated with the additional type of content.
 20. One or morenon-transitory computer-readable media storing instructions that, whenexecuted by a computing platform comprising at least one processor, andmemory, cause the computing platform to: detect, via a communicationnetwork, transmission of data content from a first enterprise computingdevice to a second enterprise computing device; intercept, prior toreceipt of the transmission by the second enterprise computing device,the data content; convert the data content to an electronic file in astandardized textual format; add an alert message to a message queue,wherein the alert message indicates that the electronic file isavailable to be processed; identify, in the electronic file, a firstportion of the data content corresponding to a first content categoryand a second portion of the data content corresponding to a secondcontent category; cause one or more content processors to process theelectronic file to identify a portion of the data content for reviewprior to transmission to the second enterprise computing device, whereinthe one or more processors comprise a first content processor and asecond content processor and wherein the processing comprises: readingthe alert message in the message queue; retrieving, in response to thealert message, first and second copies of the electronic file by thefirst and second content processors, respectively; simultaneouslyprocessing, by the first and second content processors, the first andsecond portions of the first and second copies, respectively, whereinthe first portion contains a different content category than the secondportion; outputting first and second notification messages by the firstand second content processors, respectively, to the message queue,wherein the first and second notification messages provide informationrelated to the first and second portions, respectively; and return thefirst and second copies with annotations from the first and secondcontent processors; modify, based on the first and second notificationmessages, the data content; and initiate, via the communication network,one or more steps associated with the modified data content.
 21. Thecomputing platform of claim 1, wherein the one or more contentprocessors comprises a first content processor and a second processorand wherein the instructions to cause the one or more content processorsto process the electronic file comprise additional computer-readableinstructions that, when executed by the at least one processor, causethe computing platform to: separately tag the first portion and thesecond portion in the textual format based on the first and secondcontent categories, respectively; retrieve, by the first contentprocessor, the tagged textual format; and process, by the first contentprocessor, only the tagged first portion.
 22. The computing platform ofclaim 10, wherein one or more content processors comprises a firstcontent processor and a second processor and wherein the instructions tocause the one or more content processors to process the electronic filecomprise additional computer-readable instructions that, when executedby the at least one processor, cause the computing platform to: updatethe unique identifier to be indicative of completed processing when thefirst content processor has completed processing the electronic file.23. The computing platform of claim 1, wherein the one or more contentprocessors comprises a first content processor and a second processorand wherein the instructions to cause the one or more content processorsto process the electronic file comprise additional computer-readableinstructions that, when executed by the at least one processor, causethe computing platform to: separate the first portion and the secondportion of the textual format, wherein the first and second contentprocessors process only the first and second portions, respectively.